Don’t Let Them Spit in Your Beer: Decentralization Beyond Blockchain

Countless people in different disciplines are working together to make blockchain the default tool for handling and trading financial assets. The overarching goal of this work is to create a decentralized world; a world in which corruption doesn’t run amok behind closed doors, and where we don’t need middlemen to do stuff for us while taking handsome profits. This decentralized utopia would allow us to have control over our data, and not have to deal with companies taking whatever data they want whenever they want.

I am a full proponent and believer of this goal. I think it has the potential to solve a lot of inefficiencies and problems in today’s society. But after working in and observing the space, I can’t help but notice the following contradiction:

If we are working towards a decentralized world, then how are we only focusing on developing blockchain? How could one singular tool, with its problem-specific architecture, be responsible for decentralizing every single product that exists in today’s industries?

It cannot. Blockchain is great for decentralizing financial services. It is not, for instance, suited for privacy-preserving and verifiable e-voting. It also doesn’t work when we want large amounts of our data to be evaluated in a way where the data itself can remain private.

The above use cases, and ones like it, should be present in a world where blockchain is a norm. After all, why should we switch to a different financial system for the sake of cutting through corruption when the services for which we use that money remain corrupt? Why do I care about having more autonomy over my financial data when I still don’t have autonomy over my personal data, which is increasingly becoming a type of currency in itself?

For every need that blockchain cannot satisfy, there is most likely a different cryptographic protocol that can. Blockchain in itself is just one protocol addressing the specific problem of how to prevent double spending. There are other problems that need to be addressed whose solutions lie in the field of modern cryptography.

A Deep Dive into Decentralization

Responsibility usually implies some amount of power. A server in a restaurant has the responsibility of bringing us our food. This responsibility gives them the power of wreaking all kinds of havoc on our food just by virtue of being alone with it for the time it takes to walk from the kitchen to our table.

This idea has some form of manifestation in almost every service we use. Because U.S. congressmen have the responsibility of creating laws, they have the privilege of sneaking things into those laws that benefit corporations that will pay them. Because Facebook has the responsibility of fulfilling our social media needs, they have the privilege of having insight into our personal data. Because banks have the responsibility of transferring and holding our money, they have the privilege of determining transfer times, as well as pooling our money together and investing it for profit.

We therefore seek to create decentralized systems. Systems that delineate responsibility from power. We want to prevent service providers from acting outside of the confines of our explicit agreement.

In our current society, many companies profit solely off of the implicit privileges given to them via the work that they do. While Google is officially a search engine, it actually makes money by showing us ads according to our searches (having the responsibility of showing us the information we want, gives them the implicit privilege of knowing our desires). While health insurance companies officially take monthly premiums from us for the purpose of paying part of our medical expenses, they actually make money by pooling and investing our monthly premiums (having the responsibility of paying some amount of our healthcare gives them the privilege of demanding a monthly tax from us that far exceeds what is necessary).

The goal of a decentralized world is to create systems that prevent service providers from centering their business models around implicit privileges like the ones listed above. Rather, we want to participate exclusively in exchanges with explicit give and take.

A decentralized system is one that prevents a service provider from gaining implicit privileges as a byproduct of the service that it provides.

Blockchain is fit to do this for some types of services. For the rest of them — we must look to the field of modern cryptography.

Cryptography: The Toolbox of Web3

Modern cryptography exists solely to create systems that protect against adversaries, who may be either external or internal to those system. When a cryptographic protocol to fit a specific need, the following is determined:

A threat model — what computational power do the potential adversaries of the system have? What information will they have access to before the exchange takes place that could help them break the protocol?

What are the intentions of the different adversaries? What information are they trying to obtain and what real world privileges will this give them?

A security guarantee — who and what does the system promise to protect against?

Because we can design systems with the power of the adversary in mind ( threat model ), we can build systems with security guarantees that prevent adversaries from carrying out their malicious intentions .

The following is an attempt at a real world analogy for how we could use cryptography to create a decentralized system.

Consider the case where a server at a restaurant is bringing you a beer and you want to make sure they don’t spit in it. The threat model of this system is that a server has a mouth that produces saliva almost constantly. The intention of the server is to use this saliva to spit in your beer while they are carrying it from the bar to the table.

Given the above, we want to devise a system with the security guarantee that the server will be incapable of spitting in your beer. Notice I said nothing about if the server decides to steal your beer. That we have to leave for another system. ( Security guarantees are important. No one protocol can solve every problem. Being precise about the specific problem we are trying to solve allows us to be precise in the proof of the protocol’s effectiveness).

We proceed as follows. We are going to use a cup that fills via a hole in the bottom ( they do exist, I promise ). We are going to modify these cups slightly by putting a lockable cap on top of the cup. This lockable cap will lock according to a 4 digit code that you program into the cup while the cup is empty (just like a safe that you might find in a hotel room).

When you enter the restaurant, the host/ess will hand you an empty cup with an unlocked lid. You must lock the empty cup with a 4-digit code that you tell nobody. You hold onto this empty, locked cup. When the server comes to take your order, you hand this empty, locked cup to the server and request the type of beer you want. The server brings the cup to the bartender and has them fill up the cup from the hole at the bottom. The server then takes the still-locked cup back to you. You enter your code into the cup, unlocking its top for the first time since you arrived at the restaurant. You smile and take a sip, knowing with full confidence that nobody has tampered with your beer.

We have just used methodologies from modern cryptography to create a decentralized system for delivering a beer. In the traditional system, it is the server’s responsibility to retrieve the cup and bring the cup back and forth between you and the bartender. In the new system, you have the responsibility of retrieving and holding onto your own cup until it is time for you to place your order. By doing this, we enable you to secure the contents of your drink by preemptively locking your cup. Therefore, we have created a system that allows the server to provide a service without obtaining the implicit privileges of being able to spit in your beer.

This methodology can be applied to every single system of service provision that exists in our world today. Cryptography gives us the power to mathematically regulate the actions of individuals, businesses, and government alike. We now have the ability to create systems of exchange that have consequences that we explicitly agree to, instead of just consequences to which we are subjected.

Blockchain will always serve as the foundation of the decentralized future in the same way that money serves as the foundation of our current society. However, money cannot exist in a vacuum. If we are truly trying to work towards a decentralized future, it is critical that we use cryptography to work towards decentralizing other aspects of our lives.